Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-10-14 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

New Netsky Variant

Published: 2004-10-14
Last Updated: 2004-10-15 00:50:48 UTC
by Michael Haisley (Version: 1)
0 comment(s)
There appears to be a new version of netsky circulating, several antivirus vendors have updated definitions. System admins, and users should check to verify that virus definitions are up to date. Although it appears that it does not distribute it, this new variant does include some password stealing code which was originally from BugBear, it is quite possible that even after the removal of the virus, your system could still have passwords stored on it, which might have already been retrived, for this reason, it is safe to recommend that any password for any user which uses a machine which is found to be compromised should be changed.

Botnet information still needed

We have got a lot of botnet information, but we continue to need more, please continue to forward any information you get to us.

--------------------
Michael Haisley mhaisley@isc.sans.org
Keywords:
0 comment(s)
Diary Archives